If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

help got a trojan

I ran a virus test yestersay and my AV found 2 viruses located in C:\WINDOWS\BELT.EXE and the other located in C:\WINDOWS\TEMP\BELT.EXE. The details on the Av said it was a downloader trojan, Downloader.Stubby.A. I looked at in the temp files and saw it was a zipped file. Ran a search on it found a few more Belt files. Opened one with notepad and this was what i got:

try removing it with you AV, download sbybot, adaware, run a search in registry and delete all files realted to the virus you can find on your computer if you get an error by trying to delete the file look in the Task Manager if the process is running, if it is "End Process Tree" it and then remove the files.

Turn system restore off by going into control panel- administrative tools- services then click the standard tab at the bottom of the screen. than stop system restore service and double click it then disable hit ok. then go to your system C:\System Volume Information\ delete top down all the folders there. The last one you will not likely be able to delete. go to that directory called something like: '_restore{A22afafea-af4C84-afad-6aafawe46B610}' double click it and go to the last entry called RP something double click it and you will get a screen saying the virus is there. Run avg for that directory and let it heal it. Try to delete the dir if possible. next go up to the preceeding directory just above it and doubleclick it to see if avg alerts you if so do the same thing and continue up until avg does not alert you. to be safe you can reboot and go to safemode and to the C:\System Volume Information\ and delete anything in it. upon booting back into windows run avg completely again to be sure. then go back to control panel admin services - services and re-enable system restore service assuming you want the ability to restore using XP restore.

I got bugged with a "Trojan" alert too past few days, and neither my AVG virus scan nor my ad-aware could find it ....i now downloaded that "hijackthis", and i came up with quite a few things that shouldn't be on my PC ... lets hope that "trojan" was one of 'em

okay now, that HijackThis didn't take care of it either, still got a message saying a Trojan horse downloader Dyfica.H was being detected, so i ran a search for the damn thing on google, and there i found a post in some forum saying that he got rid of it with the latest version of AVG, being 7 .... i went to get that, and YES, not only did it detect it, it also gave me the option to move it to "vault", or delete the file...which i did ofcourse, delete it that is....damn thing been bugging me long enough !

Troj/Stubby-A is indeed a trojan that attempts to download more files from the internet. I work for an AV company that shall remain sort of unnamed and during analysis we discovered that the site that the Trojan attempts to contact isnt actually there anymore, so the Trojan is pretty useless.
As its a Trojan you can simply just delete the file either manually ensuring not to run the file at any time, or the better alternative would be to use an AV product to run a scan and delete/remove all infected files.

If you still have the file i would really appreciate looking at it, so i can compare it to the other sample that i have looked at. If you have it send it to :